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What is claimed is : 

1 LA machine-implemented method, comprising: 

2 creating, within a global operating system environment provided by an operating 

3 system, a first non-global partition which serves to isolate processes running within that 

4 partition from other non-global partitions within the global operating system 

5 environment; and 

6 establishing a first file system for the first non-global partition, wherein the first 

7 file system cannot be accessed by processes running in any non-global partition other 

8 than the first non-global partition, and wherein the first file system comprises at least one 

9 virtual directory, which has associated therewith a reference to another particular file 
10 system directory. 

1 2. The method of claim 1 , wherein the virtual directory is part of a virtual file 

2 system, which has been mounted into the first file system. 

1 3. The method of claim 2, wherein the virtual file system is a loopback file 

2 system. 

1 4. The method of claim 1 , wherein establishing the first file system 

2 comprises: 

3 mounting the other particular file system directory onto the virtual directory. 
1 5. The method of claim 4, wherein mounting comprises: 

28 



15437-0583/SUN030236NP 



2 storing a set of semantics associated with the virtual directory, wherein the set of 

3 semantics indicates that the virtual directory is part of a virtual file system. 

1 6. The method of claim 5, wherein the set of semantics further comprises the 

2 reference to the other particular file system directory. 

1 7. The method of claim 1, wherein the first file system has a first root 



2 directory associated therewith, wherein the first file system is a portion of an overall file 

3 system associated with the global operating system environment, wherein the overall file 

4 system has an overall root directory which is above the first root directory in a directory 

5 hierarchy, and wherein processes running with the first non-global partition cannot 

6 traverse above the first root directory in the directory hierarchy. 

1 8. The method of claim 1 , wherein the first file system is a portion of an 

2 overall file system associated with the global operating system environment, and wherein 

3 the other particular file system directory resides in a portion of the overall file system that 

4 is not a part of the first file system. 



1 9. The method of claim 1 , wherein the virtual directory comprises no actual 

2 files or directories. 

1 10. The method of claim 1, wherein the other particular file system directory, 

2 or a subdirectory thereof, comprises one or more actual files. 
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1 11. The method of claim 10, wherein processes running within the first non- 

2 global partition have read-only access to the one or more actual files. 

1 12. The method of claim 1, wherein the other particular file system directory 

2 is a virtual directory, which has associated therewith a reference to yet another file 

3 system directory. 

1 13. The method of claim 1, further comprising: 

2 creating, within the global operating system environment, a second non-global 

3 partition which serves to isolate processes running within that partition from other non- 

4 global partitions within the global operating system environment; and 

5 establishing a second file system for the second non-global partition, wherein the 

6 second file system cannot be accessed by processes running in any non-global partition 

7 other than the second non-global partition, and wherein the second file system comprises 

8 at least one virtual directory, which has associated therewith a reference to the other 

9 particular file system directory. 

1 14. The method of claim 13, wherein the other particular file system directory, 

2 or a subdirectory thereof, comprises one or more actual files which are shared by the first 

3 and second non-global partitions. 
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1 15. The method of claim 13, wherein establishing the second file system 

2 comprising: 

3 mounting the other particular file system directory onto the virtual directory of the 

4 second file system. 

1 16. The method of claim 1 5, wherein mounting comprises: 

2 storing a second set of semantics associated with the virtual directory of the 



3 second file system, wherein the second set of semantics indicates that the virtual directory 

4 of the second file system is part of a second virtual file system, and wherein the second 

5 set of semantics further comprises the reference to the other particular file system 

6 directory. 



1 17. The method of claim 1 , further comprising: 

2 receiving a request from a process running within the first non-global partition to 

3 access a particular file; 

4 traversing the first file system to the virtual directory; 

5 following the reference to the other particular file system directory; and 

6 accessing the particular file from the other particular file system directory, or a 

7 subdirectory thereof. 

1 18. The method of claim 1 7, wherein accessing the particular file comprises: 

2 determining whether a copy of the particular file is already in virtual memory; and 
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3 in response to a determination that a copy of the particular file is already in virtual 

4 memory, using the copy already in virtual memory rather than making another copy in 

5 the virtual memory. 

1 19. An apparatus, comprising: 

2 a mechanism for creating, within a global operating system environment provided 

3 by an operating system, a first non-global partition which serves to isolate processes 

4 running within that partition from other non-global partitions within the global operating 

5 system environment; and 

6 a mechanism for establishing a first file system for the first non-global partition, 



7 wherein the first file system cannot be accessed by processes running in any non-global 

8 partition other than the first non-global partition, and wherein the first file system 

9 comprises at least one virtual directory, which has associated therewith a reference to 
10 another particular file system directory. 



1 20. The apparatus of claim 1 9, wherein the virtual directory is part of a virtual 

2 file system, which has been mounted into the first file system. 

1 21. The apparatus of claim 20, wherein the virtual file system is a loopback 

2 file system. 

1 22. The apparatus of claim 19, wherein the mechanism for establishing the 

2 first file system comprises: 
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3 a mechanism for mounting the other particular file system directory onto the 

4 virtual directory. 

1 23 . The apparatus of claim 22, wherein the mechanism for mounting 

2 comprises: 

3 a mechanism for storing a set of semantics associated with the virtual directory, 

4 wherein the set of semantics indicates that the virtual directory is part of a virtual file 

5 system. 

1 24. The apparatus of claim 23, wherein the set of semantics further comprises 

2 the reference to the other particular file system directory. 

1 25. The apparatus of claim 19, wherein the first file system has a first root 



2 directory associated therewith, wherein the first file system is a portion of an overall file 

3 system associated with the global operating system environment, wherein the overall file 

4 system has an overall root directory which is above the first root directory in a directory 

5 hierarchy, and wherein processes running with the first non-global partition cannot 

6 traverse above the first root directory in the directory hierarchy. 

1 26. The apparatus of claim 19, wherein the first file system is a portion of an 

2 overall file system associated with the global operating system environment, and wherein 

3 the other particular file system directory resides in a portion of the overall file system that 

4 is not a part of the first file system. 
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1 27. The apparatus of claim 19, wherein the virtual directory comprises no 

2 actual files or directories. 

1 28. The apparatus of claim 19, wherein the other particular file system 

2 directory, or a subdirectory thereof, comprises one or more actual files. 

1 29. The apparatus of claim 28, wherein processes running within the first non- 

2 global partition have read-only access to the one or more actual files. 

1 30. The apparatus of claim 1 9, wherein the other particular file system 

2 directory is a virtual directory, which has associated therewith a reference to yet another 

3 file system directory. 

1 31. The apparatus of claim 1 9, further comprising: 

2 a mechanism for creating, within the global operating system environment, a 

3 second non-global partition which serves to isolate processes running within that partition 

4 from other non-global partitions within the global operating system environment; and 

5 a mechanism for establishing a second file system for the second non-global 

6 partition, wherein the second file system cannot be accessed by processes running in any 

7 non-global partition other than the second non-global partition, and wherein the second 

8 file system comprises at least one virtual directory, which has associated therewith a 

9 reference to the other particular file system directory. 
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32. The apparatus of claim 3 1 , wherein the other particular file system 
directory, or a subdirectory thereof, comprises one or more actual files which are shared 
by the first and second non-global partitions. 

33. The apparatus of claim 3 1 , wherein the mechanism for establishing the 
second file system comprising: 

a mechanism for mounting the other particular file system directory onto the 
virtual directory of the second file system. 

34. The apparatus of claim 33, wherein the mechanism for mounting 
comprises: 

a mechanism for storing a second set of semantics associated with the virtual 
directory of the second file system, wherein the second set of semantics indicates that the 
virtual directory of the second file system is part of a second virtual file system, and 
wherein the second set of semantics further comprises the reference to the other particular 
file system directory. 

3 5 . The apparatus of claim 1 9, further comprising: 

a mechanism for receiving a request from a process running within the first non- 
global partition to access a particular file; 

a mechanism for traversing the first file system to the virtual directory; 
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5 a mechanism for following the reference to the other particular file system 

6 directory; and 

7 a mechanism for accessing the particular file from the other particular file system 

8 directory, or a subdirectory thereof. 

1 36. The apparatus of claim 35, wherein the mechanism for accessing the 

2 particular file comprises: 

3 a mechanism for determining whether a copy of the particular file is already in 

4 virtual memory; and 

5 a mechanism for using, in response to a determination that a copy of the particular 



6 file is already in virtual memory, the copy already in virtual memory rather than making 

7 another copy in the virtual memory. 

1 37. A machine-readable medium, comprising: 

2 instructions for causing one or more processors to create, within a global 

3 operating system environment provided by an operating system, a first non-global 

4 partition which serves to isolate processes running within that partition from other non- 

5 global partitions within the global operating system environment; and 

6 instructions for causing one or more processors to establish a first file system for 

7 the first non-global partition, wherein the first file system cannot be accessed by 

8 processes running in any non-global partition other than the first non-global partition, and 

9 wherein the first file system comprises at least one virtual directory, which has associated 
10 therewith a reference to another particular file system directory. 
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1 38. The machine-readable medium of claim 37, wherein the virtual directory 

2 is part of a virtual file system, which has been mounted into the first file system. 

1 39. The machine-readable medium of claim 38, wherein the virtual file system 

2 is a loopback file system. 

1 40. The machine-readable medium of claim 37, wherein the instructions for 

2 causing one or more processors to establish the first file system comprises: 

3 instructions for causing one or more processors to mount the other particular file 

4 system directory onto the virtual directory. 

1 41 . The machine-readable medium of claim 40, wherein the instructions for 

2 causing one or more processors to mount comprises: 

3 instructions for causing one or more processors to store a set of semantics 

4 associated with the virtual directory, wherein the set of semantics indicates that the 

5 virtual directory is part of a virtual file system. 

1 42. The machine-readable medium of claim 41 , wherein the set of semantics 

2 further comprises the reference to the other particular file system directory. 

1 43. The machine-readable medium of claim 37, wherein the first file system 

2 has a first root directory associated therewith, wherein the first file system is a portion of 
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3 an overall file system associated with the global operating system environment, wherein 

4 the overall file system has an overall root directory which is above the first root directory 

5 in a directory hierarchy, and wherein processes running with the first non-global partition 

6 cannot traverse above the first root directory in the directory hierarchy. 

1 44. The machine-readable medium of claim 37, wherein the first file system is 

2 a portion of an overall file system associated with the global operating system 

3 environment, and wherein the other particular file system directory resides in a portion of 

4 the overall file system that is not a part of the first file system. 



1 45. The machine-readable medium of claim 37, wherein the virtual directory 

2 comprises no actual files or directories. 

1 46. The machine-readable medium of claim 37, wherein the other particular 

2 file system directory, or a subdirectory thereof, comprises one or more actual files. 

1 47. The machine-readable medium of claim 46, wherein processes running 

2 within the first non-global partition have read-only access to the one or more actual files. 

1 48. The machine-readable medium of claim 37, wherein the other particular 

2 file system directory is a virtual directory, which has associated therewith a reference to 

3 yet another file system directory. 
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1 49. The machine-readable medium of claim 37, further comprising: 

2 instructions for causing one or more processors to create, within the global 

3 operating system environment, a second non-global partition which serves to isolate 

4 processes running within that partition from other non-global partitions within the global 

5 operating system environment; and 

6 instructions for causing one or more processors to establish a second file system 



7 for the second non-global partition, wherein the second file system cannot be accessed by 

8 processes running in any non-global partition other than the second non-global partition, 

9 and wherein the second file system comprises at least one virtual directory, which has 
10 associated therewith a reference to the other particular file system directory. 



1 50. The machine-readable medium of claim 49, wherein the other particular 

2 file system directory, or a subdirectory thereof, comprises one or more actual files which 

3 are shared by the first and second non-global partitions. 

1 51. The machine-readable medium of claim 49, wherein the instructions for 

2 causing one or more processors to establish the second file system comprises: 

3 instructions for causing one or more processors to mount the other particular file 

4 system directory onto the virtual directory of the second file system. 

1 52. The machine-readable medium of claim 5 1 , wherein the instructions for 

2 causing one or more processors to mount comprises: 
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3 instructions for causing one or more processors to store a second set of semantics 

4 associated with the virtual directory of the second file system, wherein the second set of 

5 semantics indicates that the virtual directory of the second file system is part of a second 

6 virtual file system, and wherein the second set of semantics further comprises the 

7 reference to the other particular file system directory. 

1 53. The machine-readable medium of claim 37, further comprising: 

2 instructions for causing one or more processors to receive a request from a 

3 process running within the first non-global partition to access a particular file; 

4 instructions for causing one or more processors to traverse the first file system to 

5 the virtual directory; 

6 instructions for causing one or more processors to follow the reference to the 

7 other particular file system directory; and 

8 instructions for causing one or more processors to access the particular file from 

9 the other particular file system directory, or a subdirectory thereof. 

1 54. The machine-readable medium of claim 53, wherein the instructions for 

2 causing one or more processors to access the particular file comprises: 

3 instructions for causing one or more processors to determine whether a copy of 

4 the particular file is already in virtual memory; and 

5 instructions for causing one or more processors to use, in response to a 

6 determination that a copy of the particular file is already in virtual memory, the copy 

7 already in virtual memory rather than making another copy in the virtual memory. 
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